package com.xm.servlet.reception_desk.index;

import com.xm.entity.AccountInformation;
import com.xm.service.reception_desk.AccountInformationService;
import com.xm.service.reception_desk.ShoppingCartService;
import lombok.SneakyThrows;

import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


/**
 * @author 康文程
 * @date 2023-12-15 商城
 */
@WebServlet("/shop")
public class ShopServlet extends HttpServlet {
    /**
     * 账号信息Service
     */
    private final AccountInformationService service = new AccountInformationService();

    /**
     * 主页
     *
     * @param req  an {@link HttpServletRequest} object that
     *             contains the request the client has made
     *             of the servlet
     * @param resp an {@link HttpServletResponse} object that
     *             contains the response the servlet sends
     *             to the client
     */
    @SneakyThrows(Exception.class)
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
        HttpSession session = req.getSession(false);

        // 获取会话中存储的CSRF令牌
        String sessionToken = null;
        try {
            sessionToken = (String) session.getAttribute("token");
        }catch (Exception e){
            System.out.println("没有登陆");
        }
        //查看是否有令牌
        System.out.println(sessionToken);
        //账号ID
        String acccountId = req.getParameter("acccountId") == null ? "0" :
                req.getParameter("acccountId");
        System.out.println(acccountId);
        // 验证CSRF令牌
        if (sessionToken != null) {
            AccountInformation accountInformationByAccountId =
                    service.getAccountInformationByAccountId(Integer.parseInt(acccountId));
            if (accountInformationByAccountId != null){
                req.setAttribute("name", accountInformationByAccountId.getName());
                req.setAttribute("id", accountInformationByAccountId.getInformationId());

                req.setAttribute("accountId", acccountId);
                req.setAttribute("status", true);
            }else{
                validationFailed(req);
            }
        } else {

            validationFailed(req);
        }

        req.getRequestDispatcher("/WEB-INF/page/reception_desk/index.jsp").forward(req, resp);
    }

    /**
     * 验证失败
     * @param req {@link HttpServletRequest} object that
     *            contains the request the client has made
     *            of the servlet
     **/
    public void validationFailed(HttpServletRequest req){
        req.setAttribute("accountId", "0");
        req.setAttribute("name", "null");
        req.setAttribute("id", -1);
        // 令牌失效
        req.setAttribute("status", false);
        System.out.println("CSRF令牌验证失败");
    }
}
